| API Description | API Path |
|---|---|
List all Service Definitions registered on given enforcement point.List all Service Definitions registered on given enforcement point. |
GET /policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions
|
Create a Service Definition on given enforcement point.Create a Service Definition on given enforcement point. |
POST /policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions
|
Delete an existing Service Definition on the given enforcement pointDelete an existing Service Definition on the given enforcement point. |
DELETE /policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions/<service-definition-id>
|
Read Service Definition with given service-definition-id.Read Service Definition with given service-definition-id. |
GET /policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions/<service-definition-id>
|
Update an existing Service Definition on the given enforcement pointUpdate an existing Service Definition on the given enforcement point. |
PUT /policy/api/v1/enforcement-points/<enforcement-point-id>/service-definitions/<service-definition-id>
|
List all DNS security profilesList all DNS security profiles |
GET /policy/api/v1/infra/dns-security-profiles
GET /policy/api/v1/global-infra/dns-security-profiles |
Delete DNS security profileDelete DNS security profile |
DELETE /policy/api/v1/global-infra/dns-security-profiles/<profile-id>
DELETE /policy/api/v1/infra/dns-security-profiles/<profile-id> |
Read the DNS Forwarder for the given tier-0 instanceRead the DNS Forwarder for the given tier-0 instance |
GET /policy/api/v1/global-infra/dns-security-profiles/<profile-id>
GET /policy/api/v1/infra/dns-security-profiles/<profile-id> |
Create or update DNS security profileCreate or update DNS security profile |
PATCH /policy/api/v1/global-infra/dns-security-profiles/<profile-id>
PATCH /policy/api/v1/infra/dns-security-profiles/<profile-id> |
Create or update DNS security profileCreate or update DNS security profile |
PUT /policy/api/v1/global-infra/dns-security-profiles/<profile-id>
PUT /policy/api/v1/infra/dns-security-profiles/<profile-id> |
List communication mapsList all communication maps for a domain. This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps
(Deprecated)
|
Deletes a communication map from this domainDeletes the communication map along with all the communication entries This API is deprecated. Please use the following API instead. DELETE /infra/domains/domain-id/security-policies/security-policy-id |
DELETE /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
Read communication-mapRead communication-map for a domain. This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
Patch communication mapPatch the communication map for a domain. If a communication map for the given communication-map-id is not present, the object will get created and if it is present it will be updated. This is a full replace This API is deprecated. Please use the following API instead. PATCH /infra/domains/domain-id/security-policies/security-policy-id |
PATCH /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
Revise the positioning of communication mapsThis is used to set a precedence of a communication map w.r.t others. This API is deprecated. Please use the following API instead. POST /infra/domains/domain-id/security-policies/security-policy-id?action=revise |
POST /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>?action=revise
(Deprecated)
|
Create or Update communication mapCreate or Update the communication map for a domain. This is a full replace. All the CommunicationEntries are replaced. This API is deprecated. Please use the following API instead. PUT /infra/domains/domain-id/security-policies/security-policy-id |
PUT /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>
(Deprecated)
|
List CommunicationEntriesList CommunicationEntries This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id/rules |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries
(Deprecated)
|
Delete CommunicationEntryDelete CommunicationEntry This API is deprecated. Please use the following API instead. DELETE /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id |
DELETE /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Read CommunicationEntryRead CommunicationEntry This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id |
GET /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Patch a CommunicationEntryPatch the CommunicationEntry. If a communication entry for the given communication-entry-id is not present, the object will get created and if it is present it will be updated. This is a full replace This API is deprecated. Please use the following API instead. PATCH /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id |
PATCH /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Revise the positioning of communication entryThis is used to re-order a communictation entry within a communication map. This API is deprecated. Please use the following API instead. POST /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id?action=revise |
POST /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>?action=revise
(Deprecated)
|
Create or update a CommunicationEntryUpdate the CommunicationEntry. If a CommunicationEntry with the communication-entry-id is not already present, this API fails with a 404. Creation of CommunicationEntries is not allowed using this API. This API is deprecated. Please use the following API instead PUT /infra/domains/domain-id/security-policies/securit-policy-id/rules/rule-id |
PUT /policy/api/v1/infra/domains/<domain-id>/communication-maps/<communication-map-id>/communication-entries/<communication-entry-id>
(Deprecated)
|
Delete Endpoint policyDelete Endpoint policy. |
DELETE /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
|
Read Endpoint policyRead Endpoint policy. |
GET /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
|
Create or update Endpoint policyCreate or update the Endpoint policy. |
PATCH /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
|
Create or update Endpoint policyCreate or update the Endpoint policy. |
PUT /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>
|
List Endpoint rulesList Endpoint rules |
GET /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules
|
Delete EndpointRuleDelete EndpointRule |
DELETE /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
|
Read Endpoint ruleRead Endpoint rule |
GET /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
|
Update Endpoint ruleCreate a Endpoint rule with the endpoint-rule-id is not already present, otherwise update the Endpoint Rule. |
PATCH /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
|
Update Endpoint ruleCreate a Endpoint rule with the endpoint-rule-id is not already present, otherwise update the Endpoint Rule. |
PUT /policy/api/v1/infra/domains/<domain-id>/endpoint-policies/<endpoint-policy-id>/endpoint-rules/<endpoint-rule-id>
|
List gateway policiesList all gateway policies for specified Domain. |
GET /policy/api/v1/infra/domains/<domain-id>/gateway-policies
GET /policy/api/v1/global-infra/domains/<domain-id>/gateway-policies |
Delete GatewayPolicyDelete GatewayPolicy |
DELETE /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
|
Read gateway policyRead gateway policy for a domain. |
GET /policy/api/v1/global-infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
GET /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id> |
Update gateway policyUpdate the gateway policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a gateway policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PATCH /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
|
Revise the positioning of gateway policyThis is used to set a precedence of a gateway policy w.r.t others. |
POST /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>?action=revise
|
Update gateway policyUpdate the gateway policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a gateway policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PUT /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>
|
List rulesList rules |
GET /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules
GET /policy/api/v1/global-infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules |
Delete ruleDelete rule |
DELETE /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
|
Read ruleRead rule |
GET /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
GET /policy/api/v1/global-infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id> |
Update gateway ruleUpdate the gateway rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a gateway policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/gateway-policies/<gateway-policy-id> Concurrency Note: Concurrent firewall rule creation is not supported under the same Gateway Policy. |
PATCH /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
|
Revise the positioning of gateway ruleThis is used to re-order a gateway rule within a gateway policy. |
POST /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>?action=revise
|
Update gateway ruleUpdate the gateway rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a gateway policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/gateway-policies/<gateway-policy-id> Concurrency Note: Concurrent firewall rule creation is not supported under the same Gateway Policy. |
PUT /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>
|
Get gateway rule statisticsGet statistics of a gateway rule. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>/statistics
GET /policy/api/v1/global-infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/rules/<rule-id>/statistics |
Get gateway policy statisticsGet statistics of a gateay policy. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/statistics
GET /policy/api/v1/global-infra/domains/<domain-id>/gateway-policies/<gateway-policy-id>/statistics |
Get DNS security profile binding mapAPI will get DNS security profile binding map |
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps |
Delete DNS security profile binding mapAPI will delete DNS security profile binding map |
DELETE /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
|
Get DNS security profile binding mapAPI will get DNS security profile binding map |
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id> |
Create or update DNS security profile binding mapAPI will create or update DNS security profile binding map |
PATCH /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
|
Update DNS security profile binding mapAPI will update DNS security profile binding map |
PUT /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/dns-security-profile-binding-maps/<dns-security-profile-binding-map-id>
|
List Firewall Flood Protection Profile Binding MapsAPI will list all Firewall Flood Protection Profile Binding Maps in current group id. |
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps |
Delete Firewall Flood Protection Profile BindingAPI will delete Firewall Flood Protection Profile Binding |
DELETE /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
|
Get Firewall Flood Protection Profile Binding MapAPI will get Firewall Flood Protection Profile Binding Map |
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id> |
Create or update Firewall Flood Protection Profile Binding MapAPI will create or update Firewall Flood Protection profile binding map |
PATCH /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
|
Update Firewall Flood Protection Profile Binding MapAPI will update Firewall Flood Protection Profile Binding Map |
PUT /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-flood-protection-profile-binding-maps/<firewall-flood-protection-profile-binding-map-id>
|
List Firewall Session Timer Profile Binding MapsAPI will list all Firewall Session Timer Profile Binding Maps in current group id. |
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps |
Delete Firewall Session Timer Profile BindingAPI will delete Firewall Session Timer Profile Binding |
DELETE /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
|
Get Firewall Session Timer Profile Binding MapAPI will get Firewall Session Timer Profile Binding Map |
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id> |
Create or update Firewall Session Timer Profile Binding MapAPI will create or update Firewall Session Timer profile binding map |
PATCH /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
|
Update Firewall Session Timer Profile Binding MapAPI will update Firewall Session Timer Profile Binding Map |
PUT /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/firewall-session-timer-profile-binding-maps/<firewall-session-timer-profile-binding-map-id>
|
List Group Monitoring Profile Binding MapsAPI will list all Group Monitoring Profile Binding Maps in current group id. |
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps |
Delete Group Monitoring Profile BindingAPI will delete Group Monitoring Profile Binding |
DELETE /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
|
Get Group Monitoring Profile Binding MapAPI will get Group Monitoring Profile Binding Map |
GET /policy/api/v1/global-infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
GET /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id> |
Create Group Monitoring Profile Binding MapAPI will create group monitoring profile binding map |
PATCH /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
|
Update Group Monitoring Profile Binding MapAPI will update Group Monitoring Profile Binding Map |
PUT /policy/api/v1/infra/domains/<domain-id>/groups/<group-id>/group-monitoring-profile-binding-maps/<group-monitoring-profile-binding-map-id>
|
List IDS gateway policiesList all IDS gateway policies for specified Domain. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies
(Experimental)
|
Delete IDS GatewayPolicyDelete IDS GatewayPolicy |
DELETE /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>
(Experimental)
|
Read IDS gateway policyRead IDS gateway policy for a domain. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>
(Experimental)
|
Update IDS gateway policyUpdate the IDS gateway policy for a domain. |
PATCH /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>
(Experimental)
|
Revise the positioning of IDS gateway policyThis is used to set a precedence of a IDS gateway policy w.r.t others. |
POST /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>?action=revise
(Experimental)
|
Update IDS gateway policyUpdate the IDS gateway policy for a domain. |
PUT /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>
(Experimental)
|
List IDS Gateway rulesList IDS Gateway rules |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules
(Experimental)
|
Delete IDS Gateway ruleDelete IDS Gateway rule |
DELETE /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules/<rule-id>
(Experimental)
|
Read IDS ruleRead IDS rule |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules/<rule-id>
(Experimental)
|
Update IDS gateway ruleUpdate the gateway rule. |
PATCH /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules/<rule-id>
(Experimental)
|
Revise the positioning of IDS gateway ruleThis is used to re-order a IDS gateway rule within a IDS gateway policy. |
POST /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules/<rule-id>?action=revise
(Experimental)
|
Create or Update IDS gateway ruleCreate or Update the IDS gateway rule. |
PUT /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules/<rule-id>
(Experimental)
|
Get IDS gateway rule statisticsGet statistics of a IDS gateway rule. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/rules/<rule-id>/statistics
(Experimental)
|
Get IDS gateway policy statisticsGet statistics of a IDS gateway policy. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-gateway-policies/<policy-id>/statistics
(Experimental)
|
List IDS security policiesList intrusion detection system security policies. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies
|
Get IDS/IPS rule statisticsGet statistics of a IDS/IPS rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<ids-policy-id>/rules/<rule-id>/statistics
|
Get IDS security policy statisticsGet statistics of a IDS security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<ids-policy-id>/statistics
|
Delete IDS security policyDelete intrusion detection system security policy. |
DELETE /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>
|
Get IDS security policy.Read intrusion detection system security policy. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>
|
Patch IDS security policyPatch intrusion detection system security policy for a domain. |
PATCH /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>
|
Revise the positioning of IDS security policiesThis is used to set a precedence of a security policy w.r.t others. |
POST /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>?action=revise
|
create or update IDS security policyUpdate intrusion detection system security policy for a domain. |
PUT /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>
|
List IDS rulesList intrusion detection rules. |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>/rules
|
Delete IDS ruleDelete intrusion detection rule. |
DELETE /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>/rules/<rule-id>
|
Get IDS rule.Read intrusion detection rule |
GET /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>/rules/<rule-id>
|
Patch IDS rulePatch intrusion detection system rule. |
PATCH /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>/rules/<rule-id>
|
Revise the positioning of IDS ruleThis is used to re-order a rule within a security policy. |
POST /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>/rules/<rule-id>?action=revise
|
create or update IDS ruleUpdate intrusion detection system rule. |
PUT /policy/api/v1/infra/domains/<domain-id>/intrusion-service-policies/<policy-id>/rules/<rule-id>
|
List redirection policys for a domainList redirection policys for a domain |
GET /policy/api/v1/infra/domains/<domain-id>/redirection-policies
|
Delete redirection policyDelete redirection policy. |
DELETE /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
|
Read redirection policyRead redirection policy. |
GET /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
|
Create or update redirection policyCreate or update the redirection policy. Performance Note: If you want to edit several rules in a redirection policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PATCH /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
|
Create or update redirection policyCreate or update the redirection policy. Performance Note: If you want to edit several rules in a redirection policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PUT /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>
|
List rulesList rules |
GET /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules
|
Delete RedirectionRuleDelete RedirectionRule |
DELETE /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
|
Read ruleRead rule |
GET /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
|
Update redirection ruleCreate a rule with the rule-id is not already present, otherwise update the rule. Performance Note: If you want to edit several rules in a redirection policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/redirection-policies/<red-policy-id> |
PATCH /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
|
Update redirection ruleCreate a rule with the rule-id is not already present, otherwise update the rule. Performance Note: If you want to edit several rules in a redirection policy,prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/redirection-policies/<red-policy-id> |
PUT /policy/api/v1/infra/domains/<domain-id>/redirection-policies/<redirection-policy-id>/rules/<rule-id>
|
List security policiesList all security policies for a domain. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies |
Deletes a security policy from this domainDeletes the security policy along with all the rules |
DELETE /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
|
Read security policyRead security policy for a domain. |
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id> |
Patch security policyPatch the security policy for a domain. If a security policy for the given security-policy-id is not present, the object will get created and if it is present it will be updated. This is a full replace. Performance Note: If you want to edit several rules in a security policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
|
Revise the positioning of security policiesThis is used to set a precedence of a security policy w.r.t others. |
POST /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>?action=revise
|
Create or Update security policyCreate or Update the security policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a security policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PUT /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>
|
List all container cluster span of a security policyList all container cluster span of a security policy |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/container-cluster-span
|
Deletes a security policy from this domainDeletes the security policy along with all the rules |
DELETE /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/container-cluster-span/<antrea-cluster-1>
|
Read container cluster for a security policyRead container cluster for a security policy. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/container-cluster-span/<antrea-cluster-1>
|
Add a container cluster as a span of this security policyAdd a container cluster as a span of this security policy. If there already exists another object containing the same container cluster path, an error will be thrown. The container cluster path cannot be modified If the path has to be modified, then delete this entity and add a new entity with the desired container cluster path |
PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/container-cluster-span/<container-cluster-id>
|
Add a container cluster as a span of this security policyAdd a container cluster as a span of this security policy. If there already exists another object containing the same container cluster path, an error will be thrown. The container cluster path cannot be modified If the path has to be modified, then delete this entity and add a new entity with the desired container cluster path |
PUT /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/container-cluster-span/<container-cluster-id>
|
List rulesList rules |
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/rules
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules |
Delete ruleDelete rule |
DELETE /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
|
Read ruleRead rule |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id> |
Patch a rulePatch the rule. If Rule corresponding to the the given rule-id is not present, the object will get created and if it is present it will be updated. This is a full replace. Performance Note: If you want to edit several rules in a security policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/security-policies/<security-policy-id> |
PATCH /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
|
Revise the positioning of ruleThis is used to re-order a rule within a security policy. |
POST /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>?action=revise
|
Create or update a ruleUpdate the rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you wish to edit several rules in a security policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/security-policies/<security-policy-id> |
PUT /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>
|
Get rule statisticsGet statistics of a rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>/statistics
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/rules/<rule-id>/statistics |
Get security policy statisticsGet statistics of a security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. |
GET /policy/api/v1/infra/domains/<domain-id>/security-policies/<security-policy-id>/statistics
GET /policy/api/v1/global-infra/domains/<domain-id>/security-policies/<security-policy-id>/statistics |
List Endpoint policiesList all Endpoint policies across all domains ordered by precedence. |
GET /policy/api/v1/infra/domains/endpoint-policies
|
List Firewall Flood Protection Profile Binding Maps for all domainsAPI will list all Firewall Flood Protection Profile Binding Maps across all domains. This API returns the binding maps order by the sequence number. |
GET /policy/api/v1/infra/domains/firewall-flood-protection-profile-binding-maps
|
List Firewall Session Timer Profile Binding Maps for all domainsAPI will list all Firewall Session Timer Profile Binding Maps across all domains. This API returns the binding maps order by the sequence number. |
GET /policy/api/v1/global-infra/domains/firewall-session-timer-profile-binding-maps
GET /policy/api/v1/infra/domains/firewall-session-timer-profile-binding-maps |
List redirection policysList all redirection policys across all domains ordered by precedence. |
GET /policy/api/v1/infra/domains/redirection-policies
|
List policy draftsList policy drafts. |
GET /policy/api/v1/infra/drafts
|
Delete a manual draftDelete a manual draft. |
DELETE /policy/api/v1/infra/drafts/<draft-id>
|
Read draftRead a draft for a given draft identifier. |
GET /policy/api/v1/infra/drafts/<draft-id>
|
Patch a manual draftCreate a new manual draft if the specified draft id does not correspond to an existing draft. Update the manual draft otherwise. Auto draft can not be updated. |
PATCH /policy/api/v1/infra/drafts/<draft-id>
|
Publish a draftRead a draft and publish it by applying changes onto current configuration. If there are additional changes on top of draft configuration, pass it as a request body, in form of Infra object. Otherwise, if there are no additional changes, then pass empty Infra object as a request body. |
POST /policy/api/v1/infra/drafts/<draft-id>?action=publish
|
Create or update a manual draftCreate a new manual draft if the specified draft id does not correspond to an existing draft. Update the manual draft otherwise. Auto draft can not be updated. |
PUT /policy/api/v1/infra/drafts/<draft-id>
|
Get an aggregated configuration for the draftGet an aggregated configuration that will get applied onto current configuration during publish of this draft. The response is a hierarchical payload containing the aggregated configuration differences from the latest auto draft till the specified draft. |
GET /policy/api/v1/infra/drafts/<draft-id>/aggregated
|
Get paginated aggregated configuration for the draftGet a paginated aggregated configuration of a given draft. This aggregated configuration is the differnece between the current published firewall configuration and a firewall configuration stored in a given draft. For an initial API call, if request_id is present in a response, then this is a paginated aggregated configuration of a given draft, containing all the security policies from the aggregated configuration. Using this request_id, more granular aggregated configuration, at security policy level, can be fetched from subsequent API calls. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination. |
GET /policy/api/v1/infra/drafts/<draft-id>/aggregated_with_pagination
|
Get a preview of a configuration after publish of a draftGet a preview of a configuration which will be present after publish of a specified draft. The response essentially is a hierarchical payload containing the configuration, which will be in active after a specified draft gets published onto current configuration. |
GET /policy/api/v1/infra/drafts/<draft-id>/complete
|
Test a directory domain event log server connectivityThis API tests a event log server connectivity before the actual domain or event log server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 200 and a corresponding error message will be returned. |
POST /policy/api/v1/infra/firewall-identity-store-event-log-servers/status
|
Test a directory domain LDAP server connectivityThis API tests a LDAP server connectivity before the actual domain or LDAP server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. |
POST /policy/api/v1/infra/firewall-identity-store-ldap-server
|
Scan the size of a directory domainThis call scans the size of a directory domain. It may be very | expensive to run this call in some AD domain deployments. Please | use it with caution. |
POST /policy/api/v1/infra/firewall-identity-store-size
|
List all firewall identity storesList all firewall identity stores |
GET /policy/api/v1/infra/firewall-identity-stores
|
Fetch all organization units for a LDAP server. |
POST /policy/api/v1/infra/firewall-identity-stores-org-units
|
Delete firewall identity storeIf the firewall identity store is removed, it will stop the identity store synchronization. User will not be able to define new IDFW rules |
DELETE /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Read firewall identity storeReturn a firewall identity store based on the store identifier |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Create or update a firewall identity storeIf a firewall identity store with the firewall-identity-store-id is not already present, create a new firewall identity store. If it already exists, update the firewall identity store with specified attributes. |
PATCH /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Invoke full sync or delta sync for a specific domain, with additional delay in seconds if needed. Stop sync will try to stop any pending sync if any to return to idle state. |
POST /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Create or update a firewall identity storeIf a firewall identity store with the firewall-identity-store-id is not already present, create a new firewall identity store. If it already exists, replace the firewall identity store instance with the new object. |
PUT /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>
|
Delete a Event Log server for Firewall Identity store |
DELETE /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/event-log-servers/<event-log-server-id>
|
Get a specific Event Log server for a given Firewall Identity store |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/event-log-servers/<event-log-server-id>
|
Update a event log server for Firewall Identity store |
PUT /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/event-log-servers/<event-log-server-id>
|
Search for directory groups within a domain based on the substring of a distinguished name. (e.g. CN=User,DC=acme,DC=com) The search filter pattern can optionally support multiple (up to 100 maximum) search pattern separated by '|' (url encoded %7C). In this case, the search results will be returned as the union of all matching criteria. (e.g. CN=Ann,CN=Users,DC=acme,DC=com|CN=Bob,CN=Users,DC=acme,DC=com) |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/groups
|
List members of a directory groupA member group could be either direct member of the group specified by group_id or nested member of it. Both direct member groups and nested member groups are returned. Directory group member sync must be enabled to get the correct results. |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/groups/<group-id>/member-groups
|
List all configured domain LDAP servers |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers
|
Delete a LDAP server for Firewall Identity store |
DELETE /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Get a specific LDAP server for a given Firewall Identity store |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Create a LDAP server for Firewall Identity storeMore than one LDAP server can be created and only one LDAP server is used to synchronize directory objects. If more than one LDAP server is configured, NSX will try all the servers until it is able to successfully connect to one. |
PATCH /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Test a LDAP server connection for directory domainThe API tests a LDAP server connection for an already configured domain. If the connection is successful, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. |
POST /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Update a LDAP server for Firewall Identity store |
PUT /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/ldap-servers/<ldap-server-id>
|
Fetch all organization units for a Firewall Identity Store. |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/org-units
|
Get Firewall identity store sync statistics for the given identifier |
GET /policy/api/v1/infra/firewall-identity-stores/<firewall-identity-store-id>/sync-stats
|
Get PolicyFirewallSchedulersGet all PolicyFirewallSchedulers |
GET /policy/api/v1/infra/firewall-schedulers
|
Delete Policy Firewall SchedulerDeletes the specified PolicyFirewallScheduler. If scheduler is consumed in a security policy, it won't get deleted. |
DELETE /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
Get PolicyFirewallSchedulerGet a PolicyFirewallScheduler by id |
GET /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
Create or Update PolicyFirewallSchedulerCreates/Updates a PolicyFirewallScheduler, which can be set at security policy. Note that at least one property out of "days", "start_date", "time_interval", "end_date" is required if "recurring" field is true. Also "start_time" and "end_time" should not be present. And if "recurring" field is false then "start_date" and "end_date" is mandatory, "start_time" and "end_time" is optional. Also the fields "days" and "time_interval" should not be present. |
PATCH /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
Create or Update PolicyFirewallSchedulerUpdates a PolicyFirewallScheduler, which can be set at security policy. Note that at least one property out of "days", "start_date", "time_interval", "end_date" is required if "recurring" field is true. Also "start_time" and "end_time" should not be present. And if "recurring" field is false then "start_date" and "end_date" is mandatory, "start_time" and "end_time" is optional. Also the fields "days" and "time_interval" should not be present. |
PUT /policy/api/v1/infra/firewall-schedulers/<firewall-scheduler-id>
|
List Firewall Session Timer ProfilesAPI will list all Firewall Session Timer Profiles |
GET /policy/api/v1/global-infra/firewall-session-timer-profiles
GET /policy/api/v1/infra/firewall-session-timer-profiles |
Delete Firewall Session Timer ProfileAPI will delete Firewall Session Timer Profile |
DELETE /policy/api/v1/global-infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
DELETE /policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id> |
Get Firewall Session Timer ProfileAPI will get Firewall Session Timer Profile |
GET /policy/api/v1/global-infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
GET /policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id> |
Create or update Firewall Session Timer ProfileAPI will create/update Firewall Session Timer Profile |
PATCH /policy/api/v1/global-infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
PATCH /policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id> |
Update Firewall Session Timer ProfileAPI will update Firewall Session Timer Profile |
PUT /policy/api/v1/global-infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id>
PUT /policy/api/v1/infra/firewall-session-timer-profiles/<firewall-session-timer-profile-id> |
Get policies filtered based on the given criteriaGet the list of policies filtered based on the given criteria. |
GET /policy/api/v1/global-infra/firewall/policies
GET /policy/api/v1/infra/firewall/policies |
Get rules filtered based on the given criteriaGet the list of rules of given parent path of policy/section, filtered based on the given criteria. Parent path is mandatory. |
GET /policy/api/v1/global-infra/firewall/rules
GET /policy/api/v1/infra/firewall/rules |
List Flood Protection ProfilesAPI will list all Flood Protection Profiles |
GET /policy/api/v1/infra/flood-protection-profiles
GET /policy/api/v1/global-infra/flood-protection-profiles |
Delete Flood Protection ProfileAPI will delete Flood Protection Profile |
DELETE /policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
DELETE /policy/api/v1/global-infra/flood-protection-profiles/<flood-protection-profile-id> |
Get Flood Protection ProfileAPI will get Flood Protection Profile |
GET /policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
GET /policy/api/v1/global-infra/flood-protection-profiles/<flood-protection-profile-id> |
Create or update Flood Protection ProfileAPI will create/update Flood Protection Profile |
PATCH /policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
PATCH /policy/api/v1/global-infra/flood-protection-profiles/<flood-protection-profile-id> |
Update Firewall Flood Protection ProfileAPI will update Firewall Flood Protection Profile |
PUT /policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>
PUT /policy/api/v1/global-infra/flood-protection-profiles/<flood-protection-profile-id> |
List Flood Protection ProfilesAPI will list all Flood Protection Profiles bindings. |
GET /policy/api/v1/infra/flood-protection-profiles/<flood-protection-profile-id>/bindings
GET /policy/api/v1/global-infra/flood-protection-profiles/<flood-protection-profile-id>/bindings |
Read partner servicesRead all the partner services available for service insertion |
GET /policy/api/v1/infra/partner-services
|
Read partner service identified by provided nameRead the specific partner service identified by provided name. |
GET /policy/api/v1/infra/partner-services/<service-name>
|
List TLS Config ProfilesAPI will list all TLS Config Profiles |
GET /policy/api/v1/infra/security/tls-inspection-config-profiles
(Experimental)
GET /policy/api/v1/global-infra/security/tls-inspection-config-profiles (Experimental) |
Delete TLS Config ProfileAPI will delete TLS Config Profile |
DELETE /policy/api/v1/infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile>
(Experimental)
DELETE /policy/api/v1/global-infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile> (Experimental) |
Get TLS Config ProfileAPI will get TLS Config Profile |
GET /policy/api/v1/infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile>
(Experimental)
GET /policy/api/v1/global-infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile> (Experimental) |
Create or update TLS Config ProfileAPI will create/update TLS Config Profile |
PATCH /policy/api/v1/infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile>
(Experimental)
PATCH /policy/api/v1/global-infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile> (Experimental) |
Update TLS Config ProfileAPI will update TLS Config Profile |
PUT /policy/api/v1/infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile>
(Experimental)
PUT /policy/api/v1/global-infra/security/tls-inspection-config-profiles/<tls-inspection-config-profile> (Experimental) |
List service chainsList all the service chains available for service insertion |
GET /policy/api/v1/infra/service-chains
|
Delete Service chainThis API can be user to delete service chain with given service-chain-id. |
DELETE /policy/api/v1/infra/service-chains/<service-chain-id>
|
Read service chainThis API can be used to read service chain with given service-chain-id. |
GET /policy/api/v1/infra/service-chains/<service-chain-id>
|
Create service chainCreate Service chain representing the sequence in which 3rd party services must be consumed. |
PATCH /policy/api/v1/infra/service-chains/<service-chain-id>
|
Create or update service chainCreate or update Service chain representing the sequence in which 3rd party services must be consumed. |
PUT /policy/api/v1/infra/service-chains/<service-chain-id>
|
Read service paths for a given service chainThis API can be used to read service paths for a given service-chain-id. |
GET /policy/api/v1/infra/service-chains/<service-chain-id>/service-paths
|
List service referencesList all the partner service references available for service insertion |
GET /policy/api/v1/infra/service-references
|
Delete Service ReferenceThis API can be used to delete a service reference with the given service-reference-id. |
DELETE /policy/api/v1/infra/service-references/<service-reference-id>
|
Read service referenceThis API can be used to read service reference with the given service-reference-id. |
GET /policy/api/v1/infra/service-references/<service-reference-id>
|
Create service referenceCreate Service Reference representing the intent to consume a given 3rd party service. |
PATCH /policy/api/v1/infra/service-references/<service-reference-id>
|
Create service referenceCreate Service Reference representing the intent to consume a given 3rd party service. |
PUT /policy/api/v1/infra/service-references/<service-reference-id>
|
List service profilesList all the service profiles available for given service reference |
GET /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles
|
Delete Service profileThis API can be used to delete service profile with given service-profile-id |
DELETE /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
|
Read service profileThis API can be used to read service profile with given service-profile-id |
GET /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
|
Create service profileCreate Service profile to specify vendor template attri- butes for a given 3rd party service. |
PATCH /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
|
Create or update service profileCreate or update Service profile to specify vendor temp- late attributes for a given 3rd party service. |
PUT /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>
|
Get Groups used in Redirection rules for a given Service Profile.List of Groups used in Redirection rules for a given Service Profile. |
GET /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>/group-associations
|
List all service chain mappings for given service profile.List all service chain mappings in the system for the given service profile. If no explicit enforcement point is provided in the request, will return for default. Else, will return for specified points. |
GET /policy/api/v1/infra/service-references/<service-reference-id>/service-profiles/<service-profile-id>/service-chain-mappings
|
List Session Timer ProfilesAPI will list all Session Timer Profiles bindings. |
GET /policy/api/v1/infra/session-timer-profiles/<session-timer-profile-id>/bindings
GET /policy/api/v1/global-infra/session-timer-profiles/<session-timer-profile-id>/bindings |
List Firewall CPU Memory Thresholds Profile Binding MapsAPI will list all Firewall CPU Memory Thresholds Profile Binding Maps. |
GET /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps
GET /policy/api/v1/global-infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps |
Delete Firewall CPU Memory Thresholds Profile BindingAPI will delete Firewall CPU Memory Thresholds Profile Binding. |
DELETE /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps/<cpu-mem-thresholds-profile-binding-map-id>
|
Get Firewall CPU Memory Thresholds Profile Binding MapAPI will get Firewall CPU Memory Thresholds Profile Binding Map. |
GET /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps/<cpu-mem-thresholds-profile-binding-map-id>
|
Create or update Firewall CPU Memory Thresholds Profile Binding MapAPI will create or update Firewall CPU Memory Thresholds Profile binding map. |
PATCH /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps/<cpu-mem-thresholds-profile-binding-map-id>
|
Update Firewall CPU Memory Thresholds Profile Binding MapAPI will update Firewall CPU Memory Thresholds Profile Binding Map. |
PUT /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps/<cpu-mem-thresholds-profile-binding-map-id>
|
List all CPU and memory thresholds profilesList all CPU and memory thresholds profiles. |
GET /policy/api/v1/global-infra/settings/firewall/cpu-mem-thresholds-profiles
GET /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profiles |
Delete CPU and memory thresholds profileDelete CPU and memory thresholds profile. |
DELETE /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id>
DELETE /policy/api/v1/global-infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id> |
Read the CPU and memory thresholds profileRead the CPU and memory thresholds profile. |
GET /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id>
GET /policy/api/v1/global-infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id> |
Create or update CPU and memory thresholds profileCreate or update CPU and memory thresholds profile. |
PATCH /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id>
PATCH /policy/api/v1/global-infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id> |
Create or update CPU and memory thresholds profileCreate or update CPU and memory thresholds profile. |
PUT /policy/api/v1/infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id>
PUT /policy/api/v1/global-infra/settings/firewall/cpu-mem-thresholds-profiles/<profile-id> |
Download exported fileDownload the exported file generated from the last export task. |
GET /policy/api/v1/infra/settings/firewall/export?action=download
|
Get the information of export taskGet the information of the latest export task. |
GET /policy/api/v1/infra/settings/firewall/export
|
Cancel a running export taskThis operation cancels an export task. Task needs to be in running state. |
POST /policy/api/v1/infra/settings/firewall/export?action=cancel
|
Invoke export taskInvoke export task. There can be only one export task run at any point of time. Hence invocation of another export task will be discarded, when there exist an already running export task. Exported configuration will be in a CSV format. This CSV file will be zipped into a ZIP file, that can be downloaded after the completion of export task. |
POST /policy/api/v1/infra/settings/firewall/export
|
Get the list of gateway firewall dependent servicesGet the list of gateway firewall dependent services |
GET /policy/api/v1/infra/settings/firewall/gateway/dependent-services
|
List compute cluster idfw ConfigurationAPI will list all compute cluster wise identity firewall configuration |
GET /policy/api/v1/infra/settings/firewall/idfw/cluster
|
Delete compute cluster idfw configurationDelete compute cluster identity firewall configuration. |
DELETE /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Read compute cluster idfw configurationRead compute cluster identity firewall configuration |
GET /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Patch compute cluster idfw configurationPatch compute cluster identity firewall configuration. |
PATCH /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Create or update compute cluster idfw configurationUpdate the compute cluster idfw configuration |
PUT /policy/api/v1/infra/settings/firewall/idfw/cluster/<cluster-id>
|
Get IDFW status for a Compute CollectionGet IDFW status for a specific Compute Collection |
GET /policy/api/v1/infra/settings/firewall/idfw/compute-collections/<compute-collection-id>/status
|
List IDFW status for Transport Nodes in a Compute CollectionThis API will list all transport node and statuses based on idfw enabled compute collection ID. |
GET /policy/api/v1/infra/settings/firewall/idfw/compute-collections/<compute-collection-id>/transport-nodes/status
|
Get IDFW status for all Compute CollectionsGet IDFW status for all Compute Collections |
GET /policy/api/v1/infra/settings/firewall/idfw/compute-collections/status
|
Get all IDFW Group VM details for a given GroupGet all Identity Firewall Group VM details for a given Group. |
GET /policy/api/v1/infra/settings/firewall/idfw/group-vm-details
|
Read idfw configuration for standalone hostRead identity firewall configuration for standalone host |
GET /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
|
Patch idfw configuration for standalone hostPatch identity firewall configuration for standalone host |
PATCH /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
|
Create or update idfw configuration for standalone hostUpdate the idfw configuration for standalone host |
PUT /policy/api/v1/infra/settings/firewall/idfw/standalone-host-switch-setting
|
Get IDFW system statistics dataIt will get IDFW system statistics data. |
GET /policy/api/v1/infra/settings/firewall/idfw/system-stats
|
List IDFW status of VMs by transport node idThis API will list all VMs and statuses based on transport node ID of idfw enabled compute collection. |
GET /policy/api/v1/infra/settings/firewall/idfw/transport-nodes/<transport-node-id>/vms/status
|
Get user session dataIt will get user session data. |
GET /policy/api/v1/infra/settings/firewall/idfw/user-session-data
|
Get IDFW user login events for a given userIt will get IDFW user login events for a given user. |
GET /policy/api/v1/infra/settings/firewall/idfw/user-stats/<user-id>
|
Get IDFW user login events for a given VMIt will get IDFW user login events for a given VM (all active plus up to 5 most recent archived entries). |
GET /policy/api/v1/infra/settings/firewall/idfw/vm-stats/<vm-id>
|
Get the information of import taskGet the information of the latest import task. |
GET /policy/api/v1/infra/settings/firewall/import
|
Invoke import taskInvoke import task. There can be only one import task run at any point of time. Hence invocation of another import task will be discarded, when there exist an already running import task. |
POST /policy/api/v1/infra/settings/firewall/import
|
Cancel a running import taskThis operation cancels an import task. Task needs to be in running state. |
POST /policy/api/v1/infra/settings/firewall/import?action=cancel
|
Get dfw firewall configurationGet the current dfw firewall configurations. |
GET /policy/api/v1/infra/settings/firewall/security
|
Update dfw firewall configurationUpdate dfw firewall related configurations. |
PATCH /policy/api/v1/infra/settings/firewall/security
|
Update dfw firewall configurationUpdate dfw firewall related configurations. |
PUT /policy/api/v1/infra/settings/firewall/security
|
Get the list of distributed firewall dependent servicesGet the list of distributed firewall dependent services |
GET /policy/api/v1/infra/settings/firewall/security/dependent-services
|
Read security policy exclude list including system and user excluded membersRead security policy exclude list including system and user excluded members. |
GET /policy/api/v1/infra/settings/firewall/security/exclude-list?system_owned=true
|
Read security policy exclude listRead exclude list for firewall |
GET /policy/api/v1/infra/settings/firewall/security/exclude-list
|
Patch exclusion list for security policyPatch exclusion list for security policy. |
PATCH /policy/api/v1/infra/settings/firewall/security/exclude-list
|
Filter the firewall exclude listFilter the firewall exclude list by the given object, to check whether the object is a member of this exclude list. |
POST /policy/api/v1/infra/settings/firewall/security/exclude-list?action=filter
|
Create or update exclusion list for security policyUpdate the exclusion list for security policy |
PUT /policy/api/v1/infra/settings/firewall/security/exclude-list
|
Get IDS system settingsIntrusion detection system settings. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services
|
Patch Intrusion detection system settingsIntrusion detection system settings. |
PATCH /policy/api/v1/infra/settings/firewall/security/intrusion-services
|
Update Intrusion detection system settingsIntrusion detection system settings. |
PUT /policy/api/v1/infra/settings/firewall/security/intrusion-services
|
Get the list of the IPs affected for that signature for intrusion events detected on gatewayGet the list of IP addresses affected pertaining to a specific signature for intrusion events detected on gateway. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/affected-ips
|
Get the list of the users affected for that signatureGet the list of the users affected pertaining to a specific signature. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/affected-users
|
Get the list of the VMs affected for that signatureGet the list of the VMs affected pertaining to a specific signature. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/affected-vms
|
List IDS cluster configsList intrusion detection system cluster configs. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/cluster-configs
|
Read IDS cluster config.Read intrusion detection system cluster config |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/cluster-configs/<cluster-config-id>
|
Patch IDS config on cluster levelPatch intrusion detection system on cluster level. |
PATCH /policy/api/v1/infra/settings/firewall/security/intrusion-services/cluster-configs/<cluster-config-id>
|
create or update IDS config on cluster levelUpdate intrusion detection system on cluster level. |
PUT /policy/api/v1/infra/settings/firewall/security/intrusion-services/cluster-configs/<cluster-config-id>
|
List Global IDS signaturesList global intrusion detection signatures. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/global-signatures
|
Delete Global IDS signatureDelete global intrusion detection signature. |
DELETE /policy/api/v1/infra/settings/firewall/security/intrusion-services/global-signatures/<signature-id>
|
Get Global IDS signature.Read global intrusion detection signature |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/global-signatures/<signature-id>
|
Patch Global IDS SignaturePatch global intrusion detection system signature. |
PATCH /policy/api/v1/infra/settings/firewall/security/intrusion-services/global-signatures/<signature-id>
|
create or update Global IDS SignatureUpdate global intrusion detection signature. |
PUT /policy/api/v1/infra/settings/firewall/security/intrusion-services/global-signatures/<signature-id>
|
Get the list of the IDS events that are detected, grouped by signature id.Get the list of the IDS events that are detected with the total number of intrusions detected, their severity and the time they occurred, grouped by signature id. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-events
|
Read IDS configRead intrusion detection system config of standalone hosts. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-standalone-host-config
|
Patch IDS configurationPatch intrusion detection system configuration on standalone hosts. |
PATCH /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-standalone-host-config
|
Create or update IDS configurationUpdate intrusion detection system configuration on standalone hosts. |
PUT /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-standalone-host-config
|
Get the summary of the intrusions that were detected.Get the summary of all the intrusions that are detected grouped by signature with details including signature name, id, severity, attack type, protocol, first and recent occurence, and affected users and VMs. The following filter criteria are supported: attack target, attack type, gateway name, IP address, product affected, signature ID and VM name. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-summary
|
List IDS profilesList intrusion detection profiles. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/profiles
|
Delete IDS profileDelete intrusion detection profile. |
DELETE /policy/api/v1/infra/settings/firewall/security/intrusion-services/profiles/<profile-id>
|
Get IDS profile.Read intrusion detection profile |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/profiles/<profile-id>
|
Patch IDS profilePatch intrusion detection system profile. |
PATCH /policy/api/v1/infra/settings/firewall/security/intrusion-services/profiles/<profile-id>
|
create or update IDS profileUpdate intrusion detection profile. |
PUT /policy/api/v1/infra/settings/firewall/security/intrusion-services/profiles/<profile-id>
|
Get IDS profile signatures.Get all the IDS signatures attached to the Profile. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/profiles/<profile-id>/effective-signatures
(Experimental)
|
Get IDS signature versionsIntrusion detection system signature versions. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/signature-versions
|
Change the state of IDS Signature VersionMake this IDS Signature version as ACTIVE version and other versions as NOTACTIVE. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/signature-versions?action=make_active_version
|
List IDS signaturesList intrusion detection system signatures. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/signature-versions/<version-id>/signatures
|
Download and update IDS signaturesTrigger the process to Download and update the IDS signatures manually. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/signatures?action=update_signatures
|
Upload IDS signatures bundleUpload IDS signatures bundle |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/signatures?action=upload_signatures
|
Get IDS signature statusIntrusion detection system signatures status. |
GET /policy/api/v1/infra/settings/firewall/security/intrusion-services/signatures/status
|
Reset IDS/IPS rule statisticsSets IDS/IPS rule statistics counter to zero. - no enforcement point path specified: Reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/stats?action=reset
|
List Malware Prevention profilesList Malware Prevention profiles. |
GET /policy/api/v1/infra/settings/firewall/security/malware-prevention-service/profiles
|
Delete Malware Prevention profileDelete Malware Prevention profile. |
DELETE /policy/api/v1/infra/settings/firewall/security/malware-prevention-service/profiles/<profile-id>
|
Get Malware Prevention profile.Read Malware Prevention profile |
GET /policy/api/v1/infra/settings/firewall/security/malware-prevention-service/profiles/<profile-id>
|
Patch Malware Prevention profilePatch Malware Prevention profile. |
PATCH /policy/api/v1/infra/settings/firewall/security/malware-prevention-service/profiles/<profile-id>
|
Patch Malware Prevention profilePatch Malware Prevention profile. |
PUT /policy/api/v1/infra/settings/firewall/security/malware-prevention-service/profiles/<profile-id>
|
List Malware Prevention signaturesList Malware Prevention signatures. |
GET /policy/api/v1/infra/settings/firewall/security/malware-prevention-service/signatures
|
Reset firewall rule statisticsSets firewall rule statistics counter to zero. This operation is supported for given category, for example: DFW i.e. for all layer3 firewall (transport nodes only) rules or EDGE i.e. for all layer3 edge firewall (edge nodes only) rules. - no enforcement point path specified: On global manager, it is mandatory to give an enforcement point path. On local manager, reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. |
POST /policy/api/v1/infra/settings/firewall/stats?action=reset
POST /policy/api/v1/global-infra/settings/firewall/stats?action=reset |
Additional API to read service insertion exclude list without filtering out the system owned membersRead exclude list for service insertion |
GET /policy/api/v1/infra/settings/service-insertion/security/exclude-list?system_owned=true
|
Default API to read service insertion exclude list with system owned members filtered outRead exclude list for service insertion |
GET /policy/api/v1/infra/settings/service-insertion/security/exclude-list
|
Patch service insertion exclusion list for security policyPatch service insertion exclusion list for security policy. |
PATCH /policy/api/v1/infra/settings/service-insertion/security/exclude-list
|
Update service insertion exclusion listUpdate the exclusion list for service insertion policy |
PUT /policy/api/v1/infra/settings/service-insertion/security/exclude-list
|
Get service insertion configuration statusGet the current service insertion status configuration. |
GET /policy/api/v1/infra/settings/service-insertion/security/status
|
Update service insertion status configurationUpdate service insertion status. |
PATCH /policy/api/v1/infra/settings/service-insertion/security/status
|
Update service insertion status configurationUpdate service insertion status. |
PUT /policy/api/v1/infra/settings/service-insertion/security/status
|
Delete FqdnAnalysisConfigDelete FqdnAnalysisConfig from the passed edge cluser node. |
DELETE /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/fqdn-analysis-config
|
Get FqdnAnalysisConfigGets a FqdnAnalysisConfig. This returns the details of the config like whether the FQDN Analysis is enabled or disabled for the given edge cluster. |
GET /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/fqdn-analysis-config
|
Create or Update FqdnAnalysisConfigCreates/Updates a FqdnAnalysisConfig object. If FqdnAnalysisConfig object does not exists for the passed edge-cluster node, create a new FqdnAnalysisConfig object. If it already exists, patch it. |
PATCH /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/fqdn-analysis-config
|
Create or Update FqdnAnalysisConfigCreates/Updates FqdnAnalysisConfig Object for the given edge cluster. If FqdnAnalysisConfig object is not already present, creates it. If it already exists, replace with this object. |
PUT /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/fqdn-analysis-config
|
Delete PolicyUrlCategorizationConfigDelete PolicyUrlCategorizationConfig. If deleted, the URL categorization will be disabled for that edge cluster. |
DELETE /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/url-categorization-configs/<url-categorization-config-id>
|
Get PolicyUrlCategorizationConfigGets a PolicyUrlCategorizationConfig. This returns the details of the config like whether the URL categorization is enabled or disabled, the id of the context profiles which are used to filter the categories, and the update frequency of the data from the cloud. |
GET /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/url-categorization-configs/<url-categorization-config-id>
|
Create or Update PolicyUrlCategorizationConfigCreates/Updates a PolicyUrlCategorizationConfig. Creating or updating the PolicyUrlCategorizationConfig will enable or disable URL categorization for the given edge cluster. If the context_profiles field is empty, the edge cluster will detect all the categories of URLs. If context_profiles field has any context profiles, the edge cluster will detect only the categories listed within those context profiles. The context profiles should have attribute type URL_CATEGORY. The update_frequency specifies how frequently in minutes, the edge cluster will get updates about the URL data from the URL categorization cloud service. If the update_frequency is not specified, the default update frequency will be 30 min. |
PATCH /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/url-categorization-configs/<url-categorization-config-id>
|
Create or Update PolicyUrlCategorizationConfigCreates/Updates a PolicyUrlCategorizationConfig. Creating or updating the PolicyUrlCategorizationConfig will enable or disable URL categorization for the given edge cluster. If the context_profiles field is empty, the edge cluster will detect all the categories of URLs. If context_profiles field has any context profiles, the edge cluster will detect only the categories listed within those context profiles. The context profiles should have attribute type URL_CATEGORY. The update_frequency specifies how frequently in minutes, the edge cluster will get updates about the URL data from the URL categorization cloud service. If the update_frequency is not specified, the default update frequency will be 30 min. |
PUT /policy/api/v1/infra/sites/<site-id>/enforcement-points/<enforcement-point-id>/edge-clusters/<edge-cluster-id>/url-categorization-configs/<url-categorization-config-id>
|
Get list of gateway policies with rules that belong to the specific Tier-0 logical router.Get filtered view of gateway rules associated with the Tier-0. The gateay policies are returned in the order of category and precedence. |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/gateway-firewall
GET /policy/api/v1/global-infra/tier-0s/<tier-0-id>/gateway-firewall |
Read all BYOD service instance objects under a tier-0Read all BYOD service instance objects under a tier-0 |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances
|
Delete BYOD policy service instanceDelete BYOD policy service instance |
DELETE /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
Read BYOD service instanceRead BYOD service instance |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
Create BYOD service instanceCreate BYOD Service Instance which represent instance of service definition created on manager. |
PATCH /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
Create BYOD service instanceCreate BYOD Service Instance which represent instance of service definition created on manager. |
PUT /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
List all service instance endpointList all service instance endpoint |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints
|
Delete service instance endpointDelete service instance endpoint |
DELETE /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
Read service instance endpointRead service instance endpoint |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
Create service instance endpointCreate Service instance endpoint. |
PATCH /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
Create service instance endpointCreate service instance endpoint with given request if not exist. Modification of service instance endpoint is not allowed. |
PUT /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
List all virtual endpointsList all virtual endpoints |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints
|
Delete virtual endpointDelete virtual endpoint |
DELETE /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Read virtual endpointRead virtual endpoint with given id under given Tier0. |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Create or update virtual endpointCreate or update virtual endpoint. |
PATCH /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Create or update virtual endpointCreate or update virtual endpoint. |
PUT /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Read all service instance objects under a tier-0Read all service instance objects under a tier-0 |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances
|
Delete policy service instanceDelete policy service instance |
DELETE /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Read service instanceRead service instance |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Create service instanceCreate Service Instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. |
PATCH /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Create service instanceCreate service instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. |
PUT /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Get statistics for all runtimes associated with this PolicyServiceInstanceGet statistics for all data NICs on all runtimes associated with this PolicyServiceInstance. |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>/statistics
|
Get list of gateway policies with rules that belong to the specific Tier-0 LocalServices.Get filtered view of Gateway Firewall rules associated with the Tier-0 Locale Services. The gateway policies are returned in the order of category and sequence number. |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>/gateway-firewall
GET /policy/api/v1/global-infra/tier-0s/<tier-0-id>/locale-services/<locale-services-id>/gateway-firewall |
Delete security configDelete security config |
DELETE /policy/api/v1/infra/tier-0s/<tier-0-id>/security-config
|
Read Security FeatureRead Security Feature. |
GET /policy/api/v1/infra/tier-0s/<tier-0-id>/security-config
|
Create or Update security configurationCreate a T0 security configuration if it is not already present, otherwise update the security onfiguration. |
PATCH /policy/api/v1/infra/tier-0s/<tier-0-id>/security-config
|
Create or Update security configurationCreate or update security configuration. |
PUT /policy/api/v1/infra/tier-0s/<tier-0-id>/security-config
|
Delete Flood Protection Profile Binding for Tier-0 Logical RouterAPI will delete Flood Protection Profile Binding for Tier-0 Logical Router. |
DELETE /policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Get Flood Protection Profile Binding Map for Tier-0 Logical RouterAPI will get Flood Protection Profile Binding Map for Tier-0 Logical Router. |
GET /policy/api/v1/global-infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
GET /policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id> |
Create or update Flood Protection Profile Binding Map for Tier-0 Logical RouterAPI will create or update Flood Protection profile binding map for Tier-0 Logical Router. |
PATCH /policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Create or update Flood Protection Profile Binding Map for Tier-0 Logical RouterAPI will create or update Flood Protection profile binding map for Tier-0 Logical Router. |
PUT /policy/api/v1/infra/tier-0s/<tier0-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Delete Flood Protection Profile Binding for Tier-0 Logical Router LocaleServicesAPI will delete Flood Protection Profile Binding for Tier-0 Logical Router LocaleServices. |
DELETE /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServicesAPI will get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices. |
GET /policy/api/v1/global-infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
GET /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id> |
Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServicesAPI will create or update Flood Protection profile binding map for Tier-0 Logical Router LocaleServices. |
PATCH /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServicesAPI will create or update Flood Protection profile binding map for Tier-0 Logical Router LocaleServices. |
PUT /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Delete Session Timer Profile Binding for Tier-0 Logical Router LocaleServicesAPI will delete Session Timer Profile Binding for Tier-0 Logical Router LocaleServices. |
DELETE /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServicesAPI will get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices. |
GET /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
GET /policy/api/v1/global-infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id> |
Create or update Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServicesAPI will create or update Session Timer profile binding map for Tier-0 Logical Router LocaleServices. |
PATCH /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Create or update Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServicesAPI will create or update Session Timer profile binding map for Tier-0 Logical Router LocaleServices. |
PUT /policy/api/v1/infra/tier-0s/<tier0-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Delete Session Timer Profile Binding for Tier-0 Logical RouterAPI will delete Session Timer Profile Binding for Tier-0 Logical Router. |
DELETE /policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Get Session Timer Profile Binding Map for Tier-0 Logical RouterAPI will get Session Timer Profile Binding Map for Tier-0 Logical Router. |
GET /policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
GET /policy/api/v1/global-infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id> |
Create or update Session Timer Profile Binding Map for Tier-0 Logical RouterAPI will create or update Session Timer profile binding map for Tier-0 Logical Router. |
PATCH /policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Create or update Session Timer Profile Binding Map for Tier-0 Logical RouterAPI will create or update Session Timer profile binding map for Tier-0 Logical Router. |
PUT /policy/api/v1/infra/tier-0s/<tier0-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Get list of gateway policies with rules that belong to the specific Tier-1.Get filtered view of Gateway Firewall rules associated with the Tier-1. The gateway policies are returned in the order of category and sequence number. |
GET /policy/api/v1/global-infra/tier-1s/<tier-1-id>/gateway-firewall
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/gateway-firewall |
Read all Tier1 BYOD service instance objects under a tier-1Read all Tier1 BYOD service instance objects under a tier-1 |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances
|
Delete BYOD policy service instanceDelete BYOD policy service instance |
DELETE /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
Read Tier1 BYOD service instanceRead Tier1 BYOD service instance |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
Create Tier1 BYOD service instanceCreate Tier1 BYOD Service Instance which represents instance of service definition created on manager. |
PATCH /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
Create Tier1 BYOD service instanceCreate Tier1 BYOD Service Instance which represent instance of service definition created on manager. |
PUT /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>
|
List all Tier1 service instance endpointList all Tier1 service instance endpoint |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints
|
Delete Tier1 service instance endpointDelete Tier1 service instance endpoint |
DELETE /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
Read Tier1 service instance endpointRead Tier1 service instance endpoint |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
Create Tier1 service instance endpointCreate Tier1 Service instance endpoint. |
PATCH /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
Create Tier1 service instance endpointCreate Tier1 service instance endpoint with given request if not exist. Modification of Tier1 service instance endpoint is not allowed. |
PUT /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/byod-service-instances/<service-instance-id>/service-instance-endpoints/<service-instance-endpoint-id>
|
List all virtual endpointsList all virtual endpoints |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints
|
Delete virtual endpointDelete virtual endpoint |
DELETE /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Read virtual endpointRead virtual endpoint with given id under given Tier1. |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Create or update virtual endpointCreate or update virtual endpoint. |
PATCH /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Create or update virtual endpointCreate or update virtual endpoint. |
PUT /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/endpoints/virtual-endpoints/<virtual-endpoint-id>
|
Read all service instance objects under a tier-1Read all service instance objects under a tier-1 |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances
|
Delete Tier1 policy service instanceDelete Tier1 policy service instance |
DELETE /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Read Tier1 service instanceRead Tier1 service instance |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Create Tier1 service instanceCreate Tier1 Service Instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. |
PATCH /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Create Tier1 service instanceCreate Tier1 service instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. |
PUT /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>
|
Get statistics for all runtimes associated with this Tier1 PolicyServiceInstanceGet statistics for all data NICs on all runtimes associated with this Tier1 PolicyServiceInstance. |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-service-id>/service-instances/<service-instance-id>/statistics
|
Get list of gateway policies with rules that belong to the specific Tier-1 LocalServices.Get filtered view of Gateway Firewall rules associated with the Tier-1 Locale Services. The gateway policies are returned in the order of category and sequence number. |
GET /policy/api/v1/global-infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/gateway-firewall
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/locale-services/<locale-services-id>/gateway-firewall |
Read Security FeatureRead Security Feature. |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/security-config
|
Create or Update security configurationCreate a security configuration if it is not already present, otherwise update the security onfiguration. |
PATCH /policy/api/v1/infra/tier-1s/<tier-1-id>/security-config
|
Create or Update security configurationCreate or update security configuration. |
PUT /policy/api/v1/infra/tier-1s/<tier-1-id>/security-config
|
TLS inspection execution state details for the tier1TLS inspection execution state details for the tier1 |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/tls-inspection-state
|
TLS inspection execution state fqdn details for the tier1TLS inspection execution state fqdn details for the tier1 |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/tls-inspection-state/fqdns
|
Get TLS inspection FQDN stateGet TLS inspection FQDN state |
GET /policy/api/v1/infra/tier-1s/<tier-1-id>/tls-inspection-state/fqdns/<fqdn-id>
|
Delete Flood Protection Profile Binding for Tier-1 Logical RouterAPI will delete Flood Protection Profile Binding for Tier-1 Logical Router. |
DELETE /policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Get Flood Protection Profile Binding Map for Tier-1 Logical RouterAPI will get Flood Protection Profile Binding Map for Tier-1 Logical Router. |
GET /policy/api/v1/global-infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
GET /policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id> |
Create or update Flood Protection Profile Binding Map for Tier-1 Logical RouterAPI will create or update Flood Protection profile binding map for Tier-1 Logical Router. |
PATCH /policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Create or update Flood Protection Profile Binding Map for Tier-1 Logical RouterAPI will create or update Flood Protection profile binding map for Tier-1 Logical Router. |
PUT /policy/api/v1/infra/tier-1s/<tier1-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Delete Flood Protection Profile Binding for Tier-1 Logical Router LocaleServicesAPI will delete Flood Protection Profile Binding for Tier-1 Logical Router LocaleServices. |
DELETE /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServicesAPI will get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices. |
GET /policy/api/v1/global-infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
GET /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id> |
Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServicesAPI will create or update Flood Protection profile binding map for Tier-1 Logical Router LocaleServices. |
PATCH /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServicesAPI will create or update Flood Protection profile binding map for Tier-1 Logical Router LocaleServices. |
PUT /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/flood-protection-profile-bindings/<flood-protection-profile-binding-id>
|
Delete Session Timer Profile Binding for Tier-1 Logical Router LocaleServicesAPI will delete Session Timer Profile Binding for Tier-1 Logical Router LocaleServices. |
DELETE /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServicesAPI will get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices. |
GET /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
GET /policy/api/v1/global-infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id> |
Create or update Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServicesAPI will create or update Session Timer profile binding map for Tier-1 Logical Router LocaleServices. |
PATCH /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Create or update Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServicesAPI will create or update Session Timer profile binding map for Tier-1 Logical Router LocaleServices. |
PUT /policy/api/v1/infra/tier-1s/<tier1-id>/locale-services/<locale-services-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Delete Session Timer Profile Binding for Tier-1 Logical RouterAPI will delete Session Timer Profile Binding for Tier-1 Logical Router. |
DELETE /policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Get Session Timer Profile Binding Map for Tier-1 Logical RouterAPI will get Session Timer Profile Binding Map for Tier-1 Logical Router. |
GET /policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
GET /policy/api/v1/global-infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id> |
Create or update Session Timer Profile Binding Map for Tier-1 Logical RouterAPI will create or update Session Timer profile binding map for Tier-1 Logical Router. |
PATCH /policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Create or update Session Timer Profile Binding Map for Tier-1 Logical RouterAPI will create or update Session Timer profile binding map for Tier-1 Logical Router. |
PUT /policy/api/v1/infra/tier-1s/<tier1-id>/session-timer-profile-bindings/<session-timer-profile-binding-id>
|
Delete TLS Config Profile Binding for Tier-1 Logical RouterAPI will delete TLS Config Profile Binding for Tier-1 Logical Router. |
DELETE /policy/api/v1/infra/tier-1s/<tier1-id>/tls-inspection-config-profile-bindings/<tls-inspection-config-profile-binding-id>
|
Get TLS Config Profile Binding Map for Tier-1 Logical RouterAPI will get TLS Config Profile Binding Map for Tier-1 Logical Router. |
GET /policy/api/v1/global-infra/tier-1s/<tier1-id>/tls-inspection-config-profile-bindings/<tls-inspection-config-profile-binding-id>
GET /policy/api/v1/infra/tier-1s/<tier1-id>/tls-inspection-config-profile-bindings/<tls-inspection-config-profile-binding-id> |
Create or update TLS Config Profile Binding Map for Tier-1 Logical RouterAPI will create or update TLS Config profile binding map for Tier-1 Logical Router. |
PATCH /policy/api/v1/infra/tier-1s/<tier1-id>/tls-inspection-config-profile-bindings/<tls-inspection-config-profile-binding-id>
|
Create or update TLS Config Profile Binding Map for Tier-1 Logical RouterAPI will create or update TLS Config profile binding map for Tier-1 Logical Router. |
PUT /policy/api/v1/infra/tier-1s/<tier1-id>/tls-inspection-config-profile-bindings/<tls-inspection-config-profile-binding-id>
|
Get Tls profiles available.List all the Tls profiles available by requested resource_type. |
GET /policy/api/v1/infra/tls-inspection-action-profiles
|
Delete a Tls profile.Deletes a Tls profile. |
DELETE /policy/api/v1/infra/tls-inspection-action-profiles/<action-profile-id>
|
Get TLS profile with id.Return Tls profile. |
GET /policy/api/v1/infra/tls-inspection-action-profiles/<action-profile-id>
|
Create a Tls profile.Create a Tls profile with values provided. It creates profile based on the resource_type in the payload. Each action profile supports the following 3 pre-defined config setting defaults: Balanced, High Fidelity and High Security. 1 - External Profile Balanced (default) Sample intent path: /infra/tls-inspection-action-profiles/external-balanced-profile API payload:
Profile with default settings:
2 - External Profile High Fidelity Sample intent path: /infra/tls-inspection-action-profiles/external-high-fidelity-profile Sample intent path:
Profile with default settings:
3 - External Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/external-high-security-profile Sample intent path:
Profile with default settings:
4 - Internal Profile Balanced Sample intent path:/infra/tls-inspection-action-profiles/internal-balanced-profile Sample intent path:
Profile with default settings:
5 - Internal Profile High Fidelity Sample intent path:/infra/tls-inspection-action-profiles/internal-high-fidelity-profile Sample intent path:
Profile with default settings:
6 - Internal Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/internal-high-security-profile Sample intent path:
Profile with default settings:
|
PATCH /policy/api/v1/infra/tls-inspection-action-profiles/<action-profile-id>
|
Update a Tls profile.Update user configurable properties of Tls profile. Each action profile supports the following 3 pre-defined config setting defaults: Balanced, High Fidelity and High Security. 1 - External Profile Balanced (default) Sample intent path: /infra/tls-inspection-action-profiles/external-balanced-profile API payload:
Profile with default settings:
2 - External Profile High Fidelity Sample intent path: /infra/tls-inspection-action-profiles/external-high-fidelity-profile Sample intent path:
Profile with default settings:
3 - External Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/external-high-security-profile Sample intent path:
Profile with default settings:
4 - Internal Profile Balanced Sample intent path:/infra/tls-inspection-action-profiles/internal-balanced-profile Sample intent path:
Profile with default settings:
5 - Internal Profile High Fidelity Sample intent path:/infra/tls-inspection-action-profiles/internal-high-fidelity-profile Sample intent path:
Profile with default settings:
6 - Internal Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/internal-high-security-profile Sample intent path:
Profile with default settings:
|
PUT /policy/api/v1/infra/tls-inspection-action-profiles/<action-profile-id>
|
List TLS policiesList all TLS policies. |
GET /policy/api/v1/infra/tls-inspection-policies
|
Delete TlsPolicyDelete TlsPolicy |
DELETE /policy/api/v1/infra/tls-inspection-policies/<policy-id>
|
Read tls policyRead TLS policy. |
GET /policy/api/v1/infra/tls-inspection-policies/<policy-id>
|
Update TLS policyUpdate the TLS policy. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a TLS policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PATCH /policy/api/v1/infra/tls-inspection-policies/<policy-id>
|
Update TLS policyUpdate the TLS policy. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a TLS policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. |
PUT /policy/api/v1/infra/tls-inspection-policies/<policy-id>
|
List TLS rulesList TLS rules |
GET /policy/api/v1/infra/tls-inspection-policies/<policy-id>/rules
|
Delete ruleDelete rule |
DELETE /policy/api/v1/infra/tls-inspection-policies/<policy-id>/rules/<rule-id>
|
Read ruleRead rule |
GET /policy/api/v1/infra/tls-inspection-policies/<policy-id>/rules/<rule-id>
|
Update TLS ruleUpdate the TLS rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a TLS policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/tls-inspection-policies/<policy-id> |
PATCH /policy/api/v1/infra/tls-inspection-policies/<policy-id>/rules/<rule-id>
|
Update TLS ruleUpdate the TLS rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a TLS policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/tls-inspection-policies/<policy-id> |
PUT /policy/api/v1/infra/tls-inspection-policies/<policy-id>/rules/<rule-id>
|
Get the list of URL categories.Gets the list of categories. This will provide all the supported categories along with their ids. Few examples of these categories are Shopping, Social Networks, Streaming sites, etc. |
GET /policy/api/v1/infra/url-categories
|
Get the list of reputation severityGets the list of reputation severities. This will provide all the supported severities along with their ids, min and max reputaitons. The min_reputation and max_reputation specify the range of the reputations which belong to a particular severity. For instance, any reputation between 1 to 20 belongs to the severity 'High Risk'. Similary a reputation between 81 to 100 belong to the severity 'Trustworthy'. |
GET /policy/api/v1/infra/url-reputation-severities
|
Post User Login/Logout events for IDFWAPI to receive User Login and Logout events for IDFW |
POST /policy/api/v1/system/input/login-logout-events
|